Gets the Job Done but could be better
We purchased two SG430 Sophos UTM appliances in February 2015. They are being run as master and slave for redundancy. We are primarily using them for email, endpoint, and web protection. Previously we were using Barracuda for web, a Sophos email appliance for email protection, and a Sophos SAV server for antivirus. The UTM is adequate, but is not as good as the standalone products.
What are the pros?
The best part was the cost. With the UTM, we were able to get redundancy and replace three systems (web, email, and antivirus) for about the cost of two standalone systems. Our Barracuda device had failed, and the previous Sophos appliance/servers were due for replacement/renewal.
What are the cons?
Our system administrator has been frustrated with the UTM for antivirus endpoint administration. Previously he was used to the Sophos Enterprise Console on a standalone SAV server. The UTM is very slow in the Endpoint section of the web interface once we got more endpoints added (we have around 500). It is not as granular or flexible to use, and deployment is done separately from the UTM.
The Barracuda web filter had more flexible/granular options, and was easier to make changes and have changes go into effect. Sometimes changes made on the UTM do not work.
The separate Sophos email appliance had some additional options not present in the UTM. Blacklisting needs more granularity.
Hello Michael, it's been a couple of years since my last organization migrated in a hybrid scenario to Office 365. We had a Cisco Ironport device that handled email content similar to the Sophos UTM. We set up send and receive connectors to the Cisco Ironport that was in between Office 365 and our on-premises Exchange servers. Eventually we phased out the Ironport and had all filtering done by Office 365.

I can say that when we configured our email to go through Office 365 we HAD to change the MX records to point to their servers. Not sure you can set up your Sophos UTM as the main MX and then route through Office 365. You may get errors in Office 365 when it checks for your domain's DNS settings.
I would keep the MX pointed to Office 365 and set up send and receive connectors back to your Sophos device as a middle-man.
The link below has some good guidance.
Mail flow best practices for Exchange Online and Office 365 (overview)
That's my take.
Hope it sheds some light.
